Cyber Intelligence-Driven Risk provides a solution to one of the most pressing issues that executives and risk managers face: How can we weave information security into our business decisions to minimize overall business risk?
In today's complex digital landscape, business decisions and cyber event responses have implications for information security that high-level actors may be unable to foresee. What we need is a cybersecurity command center capable of delivering, not just data, but concise, meaningful interpretations that allow us to make informed decisions.
Building, buying, or outsourcing a CI-DR™ program is the answer. In his work with executives at leading financial organizations and with the U.S. military, author Richard O. Moore III has tested and proven this next-level approach to Intelligence and Risk. This book is a guide to:
- Building, buying, or outsourcing a cyber intelligence-driven risk program - Understanding the functional capabilities needed to sustain the program - Using cyber intelligence to support Enterprise Risk Management - Reducing loss from cyber events by building new organizational capacities - Supporting mergers and acquisitions with predictive analytics
Each function of a well-designed cyber intelligence-driven risk program can support informed business decisions in the era of increased complexity and emergent cyber threats.
Table of Contents
Preface vii
Acknowledgments xi
Introduction xv
Chapter 1: Objectives of a Cyber Intelligence-Driven Risk Program 1
Notes 5
Chapter 2: Importance of Cyber Intelligence for Businesses 7
Notes 14
Chapter 3: Military to Commercial Viability of the CI-DR™ Program 15
Notes 23
Chapter 4: CI-DR™ Security Program Components 25
Notes 39
Chapter 5: Functional Capabilities of the CI-DRTM Program 41
Notes 54
Chapter 6: CI-DR™ Key Capability Next-Generation Security Operations Center 55
Introduction by Kiran Vangaveti - CEO of BluSapphire 55
Notes 60
Chapter 7: CI-DR™ Key Capability Cyber Threat Intelligence 63
Notes 70
Chapter 8: CI-DR™ Key Capability Forensic Teams 71
Dr. Steven Johnson
Notes 85
Chapter 9: CI-DR™ Key Capability Vulnerability Management Teams 87
By Derek Olson
Notes 103
Chapter 10: CI-DR™ Key Capability Incident Response Teams 105
By Dr. Steven Johnson
Notes 122
Chapter 11: CI-DR™ Collection Components 123
Notes 125
Chapter 12: CI-DR™ Stakeholders 127
By Steve Dufour, CEO
Notes 133
Conclusion 135
Glossary 139
About the Author and Chapter Authors 145
Index 149
